General
Target: 70a6a0858435ef78c13ec4610da2228a
Size: 5.1MB
Sample: 231226-qakc9afacl
MD5: 70a6a0858435ef78c13ec4610da2228a
SHA1: 2bb1c6dba059246d56742576d5e61de278b05549
SHA256: 937708964bb6b8cce5d5628d7ad431d6f970a544fd81b96e71a1780dbf0d5fca
SHA512: 1292fd2212522b1ffca2d82a77a720f390995e3e287405fddf2a46c1e510b812e9effa26ef4d4bbbe4771da7928b93552a377c21dbda0a5b0b2fdc59f31653e7
SSDEEP: 98304:RWsvyeTrOHK+zqj0vTzOTIlFP9NE6/X/XT3fccPO4e/Jm1f/2G42JNiD/:RWET6zBveTuPjN/XTfccKQ38
Behavioral task: behavioral1
Sample: 70a6a0858435ef78c13ec4610da2228a.exe
Resource: win7-20231215-en
Malware Config
Targets
- SectopRAT payload
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger